CVE-2019-10846
23Vexday Risk Score
No sign of exploitation. It has a public proof of concept.
ssvc Attendepss 4.7%
from disclosure to weapon173 days
Published on NVDMay 23
1st PoC+173d
exploitation probability
4.7%top 9% of all CVEs
observed exploitation
nono source reports it
2 public exploit(s)
Computrols CBAS 18.0.0 allows Unauthenticated Reflected Cross-Site Scripting vulnerabilities in the login page and password reset page via the username GET parameter.
Affected products
n/a · n/apublic PoCs found — 2
cve_referencepacketstormsecurity.com/files/155257/Computrols-CBAS-Web-19.0.0-Cross-Site-Scripting.htmlunverifiedexploitdbwww.exploit-db.com/exploits/47614unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.